Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/3240e9-0eab-48fb-960b-3b651bb08efb/1/2RyLE_LZuHzSXkTYOvkYFBYiy4o.roa
File: 2RyLE_LZuHzSXkTYOvkYFBYiy4o.roa (raw, json)
Hash identifier: W8178gzARc8G7/wIunYzbf9dlIqJEul5+nB0lBaUQhw=
Subject key identifier: D9:1C:8B:13:F2:D9:B8:7C:D2:5E:44:D8:3A:F9:18:14:16:22:CB:8A
Certificate issuer: /CN=61b95518ed4f5582a2f6c11955740284bc088134
Certificate serial: 019B7D5C47BE6208D747527C6755A2326380
Authority key identifier: 61:B9:55:18:ED:4F:55:82:A2:F6:C1:19:55:74:02:84:BC:08:81:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YblVGO1PVYKi9sEZVXQChLwIgTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/3240e9-0eab-48fb-960b-3b651bb08efb/1/2RyLE_LZuHzSXkTYOvkYFBYiy4o.roa
Signing time: Fri 02 Jan 2026 06:19:18 +0000
ROA not before: Fri 02 Jan 2026 06:19:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42411
IP address blocks: 185.202.140.0/24 maxlen: 24
185.202.141.0/24 maxlen: 24
185.202.142.0/23 maxlen: 23
185.202.142.0/24 maxlen: 24
185.202.143.0/24 maxlen: 24
195.122.64.0/24 maxlen: 24
195.122.65.0/24 maxlen: 24
195.122.66.0/24 maxlen: 24
195.122.68.0/24 maxlen: 24
195.122.69.0/24 maxlen: 24
195.122.70.0/24 maxlen: 24
195.122.71.0/24 maxlen: 24
195.122.74.0/24 maxlen: 24
2a0b:1940::/48 maxlen: 48
2a0b:1940:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/3240e9-0eab-48fb-960b-3b651bb08efb/1/YblVGO1PVYKi9sEZVXQChLwIgTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/3240e9-0eab-48fb-960b-3b651bb08efb/1/YblVGO1PVYKi9sEZVXQChLwIgTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/YblVGO1PVYKi9sEZVXQChLwIgTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5c:47:be:62:08:d7:47:52:7c:67:55:a2:32:63:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b95518ed4f5582a2f6c11955740284bc088134
Validity
Not Before: Jan 2 06:19:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d91c8b13f2d9b87cd25e44d83af918141622cb8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:57:74:22:4b:90:0d:a2:cb:ee:7e:26:d8:19:
e9:0b:05:1d:1f:29:e9:40:c3:f7:5d:1e:ea:fc:af:
41:96:0f:2e:6e:99:8c:ef:7d:0f:29:37:cb:23:c2:
e1:c4:db:dd:60:b4:5e:f8:dc:a2:aa:7a:eb:d9:40:
77:ea:11:48:13:66:f2:cb:68:50:e7:41:86:bd:63:
4a:98:4c:25:69:70:a5:30:26:38:f3:f4:98:53:6c:
87:ef:9f:bf:00:49:74:cc:54:15:09:3e:21:05:ca:
32:df:1a:34:a4:3d:4e:21:1a:2e:b2:ba:4a:cf:0e:
1a:4b:1d:a6:78:b0:ee:38:66:1d:f4:f3:b5:9a:87:
f4:07:4f:b2:04:5b:71:8e:0d:51:c7:62:f5:c0:52:
7c:75:b7:ae:ee:73:54:47:3e:a2:3d:fa:58:e6:46:
3d:56:11:6a:c9:7d:1f:35:41:3e:1c:8e:3b:a2:39:
b4:33:60:de:56:a3:8a:69:d4:51:7d:4c:86:e5:0d:
71:18:19:c2:31:9b:a6:83:cf:f0:8c:18:6f:b4:b4:
77:81:07:91:bd:64:77:ed:aa:3d:22:49:7a:c9:40:
4a:42:a5:9f:e1:af:8f:4d:81:cc:96:73:3c:4b:64:
b3:df:93:29:fd:ab:1f:ad:68:99:52:57:21:f7:d5:
11:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:1C:8B:13:F2:D9:B8:7C:D2:5E:44:D8:3A:F9:18:14:16:22:CB:8A
X509v3 Authority Key Identifier:
keyid:61:B9:55:18:ED:4F:55:82:A2:F6:C1:19:55:74:02:84:BC:08:81:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YblVGO1PVYKi9sEZVXQChLwIgTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3240e9-0eab-48fb-960b-3b651bb08efb/1/2RyLE_LZuHzSXkTYOvkYFBYiy4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3240e9-0eab-48fb-960b-3b651bb08efb/1/YblVGO1PVYKi9sEZVXQChLwIgTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.140.0/22
195.122.64.0-195.122.66.255
195.122.68.0/22
195.122.74.0/24
IPv6:
2a0b:1940::/47
Signature Algorithm: sha256WithRSAEncryption
41:9c:70:a6:1a:33:63:32:fb:b7:39:ab:d6:2d:53:b7:45:d5:
b5:95:57:91:4d:08:c2:5e:a2:ab:14:19:e6:a4:20:24:24:62:
cc:ac:f1:ea:f0:42:e9:d9:96:c0:1a:58:0e:a2:05:b6:12:6b:
77:8b:33:8f:68:34:f2:c0:c2:79:7b:a7:f6:6d:50:70:db:5f:
75:85:4f:70:9f:48:f8:b0:12:85:4f:bc:b8:df:23:2c:d6:a2:
b0:cb:f8:0f:f3:07:35:51:93:24:21:4c:6d:49:88:d0:fa:cf:
e5:a8:8c:f3:0b:32:57:b7:04:f9:b9:f3:66:0b:d0:a7:78:68:
0f:7e:b4:f2:ba:fd:60:77:5a:04:20:df:11:ce:1a:dc:5a:8d:
72:74:f3:de:ae:00:b3:fa:74:22:ce:be:67:b5:bd:b9:0c:a5:
1d:a3:bb:e2:d0:8b:13:37:ae:33:2c:89:34:73:6f:0f:f1:76:
3a:ef:f5:0c:10:58:38:f3:9f:f0:48:40:29:f8:9b:54:55:f2:
c6:25:cc:51:b8:2b:58:e0:ee:26:84:b7:0b:4d:b2:5a:c8:cf:
f5:a2:bf:57:1d:8c:e4:b7:c8:95:f0:35:ba:9f:ea:98:fc:cf:
ad:6d:7a:45:dc:13:1f:5d:5b:03:91:bc:1b:fb:01:97:16:b8:
ea:c8:de:d6
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZt9XEe+YgjXR1J8Z1WiMmOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjk1NTE4ZWQ0ZjU1ODJhMmY2YzExOTU1NzQwMjg0YmMw
ODgxMzQwHhcNMjYwMTAyMDYxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTFjOGIxM2YyZDliODdjZDI1ZTQ0ZDgzYWY5MTgxNDE2MjJjYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFd0IkuQDaLL7n4m2BnpCwUdHynp
QMP3XR7q/K9Blg8ubpmM730PKTfLI8LhxNvdYLRe+Nyiqnrr2UB36hFIE2byy2hQ
50GGvWNKmEwlaXClMCY48/SYU2yH75+/AEl0zFQVCT4hBcoy3xo0pD1OIRousrpK
zw4aSx2meLDuOGYd9PO1mof0B0+yBFtxjg1Rx2L1wFJ8dbeu7nNURz6iPfpY5kY9
VhFqyX0fNUE+HI47ojm0M2DeVqOKadRRfUyG5Q1xGBnCMZumg8/wjBhvtLR3gQeR
vWR37ao9Ikl6yUBKQqWf4a+PTYHMlnM8S2Sz35Mp/asfrWiZUlch99URbQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFNkcixPy2bh80l5E2Dr5GBQWIsuKMB8GA1UdIwQY
MBaAFGG5VRjtT1WCovbBGVV0AoS8CIE0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJsVkdPMVBWWUtpOXNFWlZYUUNoTHdJZ1RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8zMjQwZTktMGVhYi00OGZiLTk2MGIt
M2I2NTFiYjA4ZWZiLzEvMlJ5TEVfTFp1SHpTWGtUWU92a1lGQllpeTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8zMjQwZTktMGVhYi00OGZiLTk2MGItM2I2NTFiYjA4ZWZi
LzEvWWJsVkdPMVBWWUtpOXNFWlZYUUNoTHdJZ1RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQCucqMMAwD
BAbDekADBADDekIDBALDekQDBADDekowDwQCAAIwCQMHASoLGUAAADANBgkqhkiG
9w0BAQsFAAOCAQEAQZxwphozYzL7tzmr1i1Tt0XVtZVXkU0Iwl6iqxQZ5qQgJCRi
zKzx6vBC6dmWwBpYDqIFthJrd4szj2g08sDCeXun9m1QcNtfdYVPcJ9I+LAShU+8
uN8jLNaisMv4D/MHNVGTJCFMbUmI0PrP5aiM8wsyV7cE+bnzZgvQp3hoD3608rr9
YHdaBCDfEc4a3FqNcnTz3q4As/p0Is6+Z7W9uQylHaO74tCLEzeuMyyJNHNvD/F2
Ou/1DBBYOPOf8EhAKfibVFXyxiXMUbgrWODuJoS3C02yWsjP9aK/Vx2M5LfIlfA1
up/qmPzPrW16RdwTH11bA5G8G/sBlxa46sje1g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:51:02 2026 by rpki-client